UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Prior to each release of the application, updates to system, or applying patches; tests plans and procedures must be created and executed.


Overview

Finding ID Version Rule ID IA Controls Severity
V-70367 APSC-DV-003130 SV-84989r1_rule Low
Description
Without test plans and procedures for application releases or updates, unexpected results may occur which could lead to a denial of service to the application or components. This requirement is meant to apply to developers or organizations that are doing development work when releasing a version update or a patch to the application.
STIG Date
Application Security and Development Security Technical Implementation Guide 2017-01-09

Details

Check Text ( C-70821r1_chk )
If the review is not being done with the developer of the application, this requirement is not applicable.

Ask the application representative to provide tests plans, procedures, and results to ensure they are updated for each application release or updates to system patches.

If test plans, procedures, and results do not exist, or are not updated for each application release, this is a finding.
Fix Text (F-76603r1_fix)
Execute tests plans prior to release or patch update.